Amazon is the biggest online retailer in the US, but it's also not without problems. One of the ways Amazon became so big was by opening up its distribution network to third-party retailers, who use Amazon's warehouses and website to sell their own products. Buying from these retailers means you're not buying from Amazon proper, and that means you can be burned. DON'T MISS: How-To Geek has the story of how one author got scammed by a mini PC with a cracked version of Windows. When you're paying good money for a computer off a giant website, it shouldn't arrive with pirated software. And yet: The particular PC I purchased was sold by “ MarsKing “. Sure, that’s a Chinese manufacturer I’ve never heard of, but it’s solid Intel hardware inside. It was also marked by Amazon as the “#1 New Release” in this category and had solid 4-to-5-star reviews at the time. It even had a “Prime” logo, which meant that it would be shipped to me from an Amazon warehouse. Looks legit, right? Nope! The PC came with a KMS Loader activation crack installed and was using a KMS key–a common way to activate pirated Windows licenses. Windows Defender found the KMS activation crack and complained about malware as soon as Windows Update ran automatically. After I left a bad review and returned the product to Amazon, MarsKing contacted me through Amazon with an offer: “We would like to sell you a new pc box with legitimate [Windows license] at 50% money off as apologize.” I didn’t take them up on it. As the author points out, the reason he was burned was because he was buying from a third-party seller. Since Amazon never really verifies or tests products that it sells on behalf of third parties, there's very little quality control in the system. In fairness, Amazon is still better than buying from a scammer on eBay or Craigslist. Amazon's customer service is designed to keep the customers happy, so you can always return products, and I've personally been offered small discount vouchers when my Amazon purchases have gone wrong. But still, you don't want to go through the time and hassle of buying and returning something that's fake. To that end, How-To Geek has some good, simple tips to use when buying off Amazon. Avoid products that are sold and shipped by third-party sellers, and instead look for things sold by Amazon.com, or at least shipped by Amazon. Reading reviews is also important, but that's its own minefield. Amazon reviews have become tainted as of late. There's an entire cottage industry dedicated to writing fake Amazon reviews, and many companies have started trading discounted (or free) products in return for favourable reviews. Reviews aren't worthless (yet!), but you should pay attention when reading them to try and avoid reviews that have been incentivized.
KUWAIT CITY (AP) — Kuwait's Interior Ministry says a government employee has been arrested for spreading Islamic State ideology and hacking social media pages of "some friendly and sister countries."
AJMAN, United Arab Emirates (AP) — The suspicious text message that appeared on Ahmed Mansoor's iPhone promised to reveal details about torture in the United Arab Emirates' prisons. All Mansoor had to do was click the link.
The U.S. Department of Homeland Security is investigating a new incident involving actress Leslie Jones, who has been targeted by online abusers, after hackers posted nude photos and personal information on the "Ghostbusters" star's website. In order to protect the integrity of the case, no further details are available at this time," Rachel Yong You, a spokeswoman for the U.S. Immigration and Customs Enforcement, said on Thursday in an email to Reuters. ICE, as the agency is known, is a branch of the Department of Homeland Security.
Apple Inc issued a patch on Thursday to fix a dangerous security flaw in iPhones and iPads after researchers discovered that a prominent United Arab Emirates dissident's phone had been targeted with a previously unknown method of hacking. The thwarted attack on the human rights activist, Ahmed Mansoor, used a text message that invited him to click on a web link. Instead of clicking, he forwarded the message to researchers at the University of Toronto's Citizen Lab.
Roman Seleznev, also known as "Track2," was found guilty by a federal jury in Seattle on 38 of 40 counts including wire fraud and intentional damage to a protected computer following an eight day trial, prosecutors said. The conviction of Seleznev, of Vladivostok, followed a 10-year-long investigation by the U.S. Secret Service, the agency said. Seleznev, the son of Valery Seleznev, a member of the Russian Parliament, is scheduled to be sentenced on Dec. 2.
How can I compare the popularity of Google’s recently launched Duo video chat app to Android malware apps that many consider not to be a thing? That’s preposterous, heresy even. But I’m just going to show how much our perception is altered when talking about market share in the mobile business using Google’s CEO Sundar Pichai as a benchmark. DON’T MISS: iPhone 7: New leak may have just solved the only mystery left “Google Duo now over 5 million Android downloads in a week,” Pichai tweeted. That’s certainly impressive for an app that’s meant to bring a FaceTime-like experience to Android, but is also cross-platform, as the app is also available on iPhone. https://twitter.com/sundarpichai/status/768657715962839041 Let’s now look at a statement that Pichai made two years ago about malware. Addressing Tim Cook’s comments about Android malware the Apple CEO made at WWDC 2014, Pichai said during the I/O keynote the same year that “based on every data we see, well, well less than half a percent of users ever run into any malware issues.” That seemed to settle it. To many Android users who know how to avoid malware and will probably not have any issues with malicious apps in the future, it looked like Google cleared the air once and for all. But according to late June 2014 numbers, Google registered up to 1 billion active Android users each month. Translating percentages to a palpable number, I concluded at the time that, according to Pichai, up to 5 million users were affected by malware. That’s hardly something to be ignored. Let’s get back to Pichai’s Duo numbers. Imagine him tweeting something like: “Google Duo now on more than 0.37% of active Android devices in a week.” That’s hardly something one would care about. According to Google’s latest Android numbers, there are over 1.4 billion active users each month. These are September 2015 stats, and that’s the number I used to calculate the percentage above. As for malware, 0.5% of 1.4 billion amounts to 7 million people who might be affected by Android malware, assuming Pichai’s 2014 statement still holds true. But Google has taken several other measures since 2014 to combat malicious apps, so I’d hope that percentage is even lower. Furthermore, even if millions of people contracted malware at one point in their lives, there have been many different strains out there, from a variety of players. Very few of them managed to affect a large number of users, at least according to what's known to date, and many of them have been eradicated. Ben Evans calculated in late July that there might be an additional 450 million Android phones and 200 million Android tablets in China on top of what Google reports. These are the kind of devices that don’t connect to the Google Play store, therefore aren’t counted in statistics. And these are the kind of devices that are the most susceptible to malware. Again, comparing malware to an app isn’t something that can really be done. But the point I’m trying to make here is that we often fall for the numbers companies feed us, without looking at what they really mean in many cases. As for Duo, getting 5 million app installs in one month alone is very impressive, and that number is only going up, I would assume. It’s interesting though that Pichai did not say anything about iPhone downloads, which might mean they’re not relevant yet. But is it a hit already?
Researchers have discovered a scarily effective piece of malware, authored by an Israeli "cyber arms dealer," that can completely hack an iPhone if the user clicks on one link. First found by a UAE human rights defender who was sent a malicious link, the spyware uses a series of zero-day exploits to thoroughly take control of a users' iPhone. Ahmed Mansoor, the human rights defender in question, was sent the link earlier in August. It was in a text message which promised him information if he followed the link. Instead, he sent the link to researchers at Citizen Lab, who analyzed the malware installed after the link. DON'T MISS: New video goes behind the scenes of an iPhone 7 leak for the first time ever The spyware uses three zero-day exploits to jailbreak any stock iPhone, allowing secret access to data on the device and monitoring of the microphone and camera. In a blog post, the researchers discovered links to a private Israeli firm: "We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based “cyber war” company that sells Pegasus , a government-exclusive “lawful intercept” spyware product. NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management." Apple has been informed of the zero-day exploits, and has already fixed them. iOS 9.3.5, out today, is basically just a security update that patches those holes. It's not just about those three exploits, though: the more worrying fact is that for enough money, anyone seems to be able to buy a hacking tool that can easily penetrate the most common smartphone in the world. For now, the basic principles of staying safe on the internet remain the same: never click on a link unless it's sent from a specifically trusted source.
With less than two weeks to go until the iPhone 7 unveiling, Apple has released another update for iOS 9, and this is one you're going to want to download as soon as you possibly can. According to The New York Times , Apple discovered that NSO Group, an intelligence gathering firm out of Israel, was taking advantage of multiple vulnerabilities that allowed them to read texts and emails, track calls, record audio, collect passwords and even track a user's location. DON'T MISS: New video goes behind the scenes of an iPhone 7 leak for the first time ever If you want to keep your private information secure, it's probably best to update immediately. In order to download and install iOS 9.3.5, either head to Settings > General > Software Update on your iOS device, or plug the device into your computer, at which point iTunes will alert you that an update is available. If you want to know more about the vulnerabilities, Vice has an incredible (and incredibly detailed) account of how it was discovered : "On the morning of August 10, Ahmed Mansoor, a 46-year-old human rights activist from the United Arab Emirates, received a strange text message from a number he did not recognize on his iPhone. “New secrets about torture of Emiratis in state prisons," read the tantalizing message, which came accompanied by a link. Mansoor, who had already been the victim of government hackers using commercial spyware products from FinFisher and Hacking Team , was suspicious and didn’t click on the link. Instead, he sent the message to Bill Marczak, a researcher at Citizen Lab, a digital rights watchdog at the University of Toronto's Munk School of Global Affairs. As it turned out, the message wasn’t what it purported to be." You should absolutely read the full piece, but before you do, make sure that all of your iOS devices are updated to iOS 9.3.5.
PARIS (AP) — Apple issues security update following discovery of iPhone spyware circulating in Middle East.
• Tech firms' encryption foe struggles for U.S. Senate re-election (Aug 27, 2016)
• Welcome to the Trump-Clinton conspiracy election (Aug 27, 2016)
• 'SNL' star Leslie Jones' personal site offline after hacking (Aug 27, 2016)
• Google just made public Wi-Fi suck a little bit less (Aug 27, 2016)
• Jury deliberates case of Russian man charged with hacking (Aug 27, 2016)
• Lottery scandal prosecutor seeks to subpoena Texas attorneys (Aug 27, 2016)
• The Latest: Jury gets case of Russian accused of hacking (Aug 27, 2016)
• Goldcorp struggles with leak at Mexican mine (Aug 27, 2016)
• New York Times says suspected Russian hackers targeted Moscow bureau (Aug 27, 2016)